We provide a Screening Service that restricts communication between on-campus hosts and off-campus hosts.
This service, at the connection point between the on-campus network backbone and the external network, configures permit/deny settings on a per-host basis for hosts with a global address in the range 131.112.0.0 to 131.112.255.255. By using this service, for hosts intended to communicate only within the same subnet or only within the university, you can restrict communication from outside the university and prevent them from becoming targets of unauthorized access.
Each host at this university is, by default, configured so that communication with outside the university is not possible when handed over to each unit (such as a School or the central administration). In addition, for services that use certain ports, communication with outside the university is disabled, taking into account both convenience and security vulnerability.
How to Use Per-Host Screening
If you wish to change the screening settings, please apply via the form from the administrator responsible for, or the designated liaison of, the subnet to which that host belongs.
For security reasons, we cannot respond to inquiries from anyone not registered with the NOC (such as a laboratory's network staff or users). If anything is unclear, please be sure to contact the administrator responsible for, or the designated liaison of, the subnet.
If the technical liaison is unknown, please state the campus/building name and your affiliation (School, department) and contact us.
The screening status of the subnet to which a host in use belongs must always be understood and managed by each subnet's designated liaison.
Per-Network-Service Screening
Among network services designed for use on a local network, some have security vulnerabilities and are likely to become targets of unauthorized access. In fact, several such cases have been reported at this university to date.
To prevent harm from outside the university, and to avoid unintentionally launching attacks against parties outside the university, we may, taking convenience into account, block communication with outside the university for the ports used by certain services.
Currently, external use of the ports listed at the following link is suspended.
List of Blocked Communication Ports
Other
Even for addresses belonging to a subnet, screening is applied to the addresses of router ports managed by the NOC. Screening is also applied to each subnet's network address and broadcast address.
Contact
For questions, requests, or problems regarding this service as well, you can contact us via the application form.